hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-01 00:27:24 +01:00
Code Issues Packages Projects Releases Wiki Activity
15,907 Commits 1,673 Branches 157 Tags
9de1fb7c18929e29e59d2cedd79af7d30aec3cd8
Commit Graph

133 Commits

Author SHA1 Message Date
Mathias Vorreiter Pedersen
9de1fb7c18 Merge pull request #4222 from jbj/BlockStmt 
C++/Java/JS: Rename Block -> BlockStmt
 2020-09-09 10:02:37 +02:00
Jonas Jensen
464d3630a2 Java: Rename Block -> BlockStmt 2020-09-08 08:40:20 +02:00
Anders Schack-Mulligen
89829e870d Java: Clean up SqlInjectionLib. 2020-09-02 11:17:56 +02:00
Anders Schack-Mulligen
cc61e6117e Merge pull request #3542 from porcupineyhairs/mongoJava 
Java : add MongoDB injection sinks
 2020-09-01 16:19:17 +02:00
Anders Schack-Mulligen
beca44ec2f Merge pull request #4172 from rvermeulen/java/xss-sink-extensible 
Java: Customizable XSS analysis
 2020-09-01 09:27:50 +02:00
CodeQL CI
9d6b2e7684 Merge pull request #4042 from aschackmull/java/xsssink-extensible 
Approved by aibaars
 2020-08-31 11:54:25 +01:00
Porcupiney Hairs
441825919c Java : add MongoDB injection sinks 2020-08-31 02:24:23 +05:30
Remco Vermeulen
8db5c4f2e2 Abstract additional taint step 2020-08-17 10:41:27 +02:00
Remco Vermeulen
518459c0f7 Abstract Xss sanitizer 
Turn the Xss sanitizer into an abstract class to support customizations
and provide a default implementation.
 2020-08-17 10:31:44 +02:00
Anders Schack-Mulligen
8891ae70b6 Merge pull request #3938 from lcartey/java/untrusted-data-to-external-api 
Java: Untrusted data used in external APIs
 2020-08-13 09:53:57 +02:00
lcartey@github.com
6f83c55ebd Java: Switch to low as a precision 
Code Scanning doesn't support "very-low"
 2020-08-12 13:48:59 +01:00
Luke Cartey
56ff8cf084 Apply suggestions from code review 
Co-authored-by: Felicity Chapman <felicitymay@github.com>
 2020-08-12 13:12:06 +01:00
lcartey@github.com
6b6172fa5b Java: ExternalAPIs: Further review comments 
- Extra qldoc
 - Remove unnecessary module
 2020-08-12 09:21:14 +01:00
lcartey@github.com
e1d4b98923 Java: Add further missing </p> to qhelp 2020-08-11 15:28:55 +01:00
lcartey@github.com
8a65dd2cd6 Java: Address review comments 2020-08-11 15:28:06 +01:00
Anders Schack-Mulligen
99c9524639 Java: Make XssSink extensible. 2020-08-11 13:09:27 +02:00
Anders Schack-Mulligen
77db87efb7 Merge pull request #3968 from rvermeulen/java-importable-cwe-090 
Java: Move LDAP injection sinks, sanitizers, and additional taint steps to importable location
 2020-08-07 11:57:51 +02:00
Anders Schack-Mulligen
f9de8eb3b4 Java: Update precision of java/weak-cryptographic-algorithm. 2020-08-07 09:40:21 +02:00
Remco Vermeulen
7f7ad88dea Limit LdapAdditionalTaintStep to Ldap configuration 2020-08-06 11:35:03 +02:00
Anders Schack-Mulligen
205dd1aead Merge pull request #3881 from intrigus-lgtm/more-pathcreations 
Java: Centralize and model additional path creations.
 2020-08-06 11:21:39 +02:00
Anders Schack-Mulligen
9e78341e43 Merge pull request #3928 from rvermeulen/java-importable-cwe-113 
Java: Move `HeaderSplittingSink` and `WhitelistedSource` into importable library
 2020-08-05 10:16:00 +02:00
Anders Schack-Mulligen
32d9d270fc Merge pull request #3948 from aibaars/java-3941 
Java: stack trace exposure: address false positives
 2020-08-05 09:31:01 +02:00
Luke Cartey
5a96ee1a7b Remove parameter names from signatures 
Co-authored-by: Marcono1234 <Marcono1234@users.noreply.github.com>
 2020-08-04 09:41:40 +01:00
Luke Cartey
368572f1f0 Update java/ql/src/Security/CWE/CWE-020/UntrustedDataToExternalAPI.qhelp 
Co-authored-by: Marcono1234 <Marcono1234@users.noreply.github.com>
 2020-08-04 09:40:59 +01:00
Luke Cartey
7928a02424 Add missing full stop. 
Co-authored-by: Marcono1234 <Marcono1234@users.noreply.github.com>
 2020-08-04 09:40:51 +01:00
Luke Cartey
e0c081a2af Add missing </p> tag 
Co-authored-by: Felicity Chapman <felicitymay@github.com>
 2020-08-04 09:40:28 +01:00
Remco Vermeulen
2c42d3cca5 Extract additional taint steps 
This is done for logical cohesion. We already have the capability of
extending additional taint steps by extending
`TaintTracking::AdditionalTaintStep`.
 2020-07-22 16:04:55 +02:00
Remco Vermeulen
57e7411c0a Extract Ldap injection sanitizers to importable lib 
This includes a new abstract class that represents all the Ldap injection
santizers and can be used to add additional santizers through
extension.
 2020-07-22 16:04:55 +02:00
Remco Vermeulen
0d5f9113a3 Extract ldap injection sink into importable library 2020-07-22 16:04:55 +02:00
intrigus
f94055fa2c Move tainted path ad-hoc guard back. 2020-07-19 00:19:29 +02:00
intrigus
4570444c7e Rename to getAnInput and clarify doc. 2020-07-19 00:10:13 +02:00
Arthur Baars
67b6018079 Merge pull request #3729 from luchua-bc/java-hardcoded-aws-credentials 
Java: Hardcoded AWS credentials
 2020-07-13 18:04:42 +02:00
Arthur Baars
c585b2e483 Java: stack trace exposure: address false positives 2020-07-13 15:26:55 +02:00
luchua-bc
12803f1f53 Merge Hardcoded AWS Credentials check into the mail source folder 2020-07-13 12:22:34 +00:00
Anders Schack-Mulligen
c8b9b779ae Merge pull request #3927 from rvermeulen/java-importable-cwe-601 
Java: Move `UrlRedirectSink` into importable library
 2020-07-09 16:03:29 +02:00
Remco Vermeulen
7435dac3d2 Move source and sink into importable library 2020-07-09 14:53:59 +02:00
intrigus
641c5df79f Centralize and model additional path creations. 2020-07-09 14:48:47 +02:00
Remco Vermeulen
b66f391c31 Extend source and sink from DataFlow::Node instead of DataFlow::exprNode 2020-07-09 14:39:08 +02:00
Remco Vermeulen
fed506a12f Rename TrustedSource to SafeHeaderSplittingSource 2020-07-09 14:36:23 +02:00
Remco Vermeulen
ba9f3e2a1e Join ServletUrlRedirectSink with UrlRedirectSink 2020-07-09 14:08:43 +02:00
Remco Vermeulen
9a84abf259 Generalize QueryInjectionSink 
Extends from the more general DataFlow::Node instead of
DataFlow::ExprNode
 2020-07-09 12:32:17 +02:00
Remco Vermeulen
c01844a39e Add file-level qldoc 2020-07-09 10:30:31 +02:00
Remco Vermeulen
42e261ac02 Move SqlInjectionSink and PersistenceQueryInjectionSink 
Join SqlInjectionSink and PersistenceQueryInjectionSink with
QueryInjectionSink to make its definition more transparent.
 2020-07-09 10:21:24 +02:00
Remco Vermeulen
d07d21c9e2 Fix import 2020-07-09 10:20:53 +02:00
Remco Vermeulen
5f560e0465 Extract HeaderSplittingSink and WhitelistedSource 
- Extract `HeaderSplittingSink` and `WhitelistedSource` into an
importable library.
- Rename the existing `HeaderSplittingSink` implementation to
`ServletHeaderSplittingSink`.
 2020-07-08 17:17:24 +02:00
Remco Vermeulen
170be9ffe8 Move UrlRedirectSink into importable library 
- The `UrlRedirect` class is renamed to `ServletUrlRedirect`.
- Abstract class `UrlRedirectSink` is defined that can be imported and
used to customise CWE-601 via Customizations.qll
 2020-07-08 16:47:51 +02:00
Remco Vermeulen
06517c6f82 Move QueryInjectionSink into importable library 
This enables defining of new sinks to customise the CWE-089 queries.
 2020-07-08 16:24:06 +02:00
lcartey@github.com
b242a61701 Java: Untrusted data used in external APIs 
This commit adds two queries for identifying external APIs which are
used with untrusted data.

These queries are intended to facilitate a security review of the
application, and will report any external API which is called with
untrusted data. The purpose of this is to:
 - review how untrusted data flows through this application
 - identify opportunities to improve taint modeling of sinks and taint
   steps.
As a result this is not suitable for integration into a developer
workflow, as it will likely have high false positive rate, but it may
help identify false negatives for other queries.
 2020-07-03 17:32:08 +01:00
Geoffrey White
f8425b8a58 Java: Update uses. 2020-06-30 13:02:48 +01:00
luchua-bc
f40e27a3c5 Hardcoded AWS credentials 2020-06-17 02:46:02 +00:00